Last week saw an unknown Ethereum user send not one but two small transactions with hugely disproportionate fees attached. In the first instance, $133 of Ethereum was sent with a $2.6 million fee. A couple of hours later, the same user sent $86,000, again with a transaction fee of $2.6 million.
The supposed mishap has left the crypto community scratching their heads, with theories as to what could have caused the anomaly ranging from money laundering to a bot error. But how did it really happen? We’ve taken a look at how Ethereum fees work and what could have gone awry.
How Ethereum fees work
In order to better understand how this could have happened, let’s first break down how Ethereum transaction fees work.
Very simply, Ethereum runs on something called gas. Gas is a unit of measurement for the amount of computational power required to execute certain operations on the Ethereum blockchain. Every operation, be it a transaction or smart contract execution, requires some amount of gas. Gas is used to calculate the amount of fees owed to the network in order to execute the operation. Miners then receive compensation in Ether, which is equivalent to the total amount of gas it took them to execute a complete operation.
This is different to a cryptocurrency such as Bitcoin. This is because the Bitcoin blockchain is only geared to facilitate monetary transactions, with no way to add “conditions” to a transaction. For example, if you send someone 1 BTC, you wouldn’t be able to impose a condition on the transaction, like letting the recipient know they’ll only receive the money if they perform certain tasks. Smart contracts - which are generally run on the Ethereum blockchain - do allow for these types of conditions to be attached to a transaction. Because of this, smart contracts are handy for exchanges of property, shares or money, in a transparent manner without the need for a middleman, like a lawyer.
The table below from the Ethereum Yellow Paper indicates roughly how much a specific instruction will cost you in gas. According to the table, every transaction requires at least 21,000 gas.
Let’s use a popular analogy to better understand gas. Imagine you’re about to set off on a road trip. Before you go, you’d like to fill your car with fuel (or gas). You go to the gas station and specify how much gas you want to fill your car with. After your car’s been filled, you pay the gas station the amount of money you owe them for the gas.
Now, think of driving the car as being the operation you want to execute (like executing a function of a smart contract). The fuel in your car is the gas and the gas station is the miner. The money you paid the gas station is the miner fees. Therefore, technically, gas is the fuel powering the Ethereum network.
Importantly though, fuel isn’t a currency on its own. It needs to be bought and denominated into a currency, like the Dollar or Euro. The same goes for gas – in order for it to be paid, it needs to have its value expressed in Ether, the underlying cryptocurrency of the Ethereum network. There is no fixed price to convert gas to Ether, which means it’s up to buyers and sellers (miners) to come up with a price suitable to both parties.
In order to execute a transaction on the Ethereum network, the sender needs to specify a “gas limit” before submitting it to the network. The gas limit is the maximum amount someone is willing to pay for their instructions (or transaction) to go through and be processed.
Miners who process these transactions have a few options when they receive a pending transaction. First, they could accept the transaction by processing the instructions with their computers and decide to keep the attached fee set by the sender. Secondly, they could also refund some of the gas to the sender if the sender set a higher gas limit than was necessary for the transaction. On the other hand, they could decline the transaction if a sender sets a lower gas limit than what the market is paying at the time.
If a transaction’s instructions run out of gas mid-execution while a miner is processing it, it’s then “reverted back to its original state”, meaning the transaction has been returned to the sender. Regardless, the sender must still pay a fee to miners to compensate them for the computational power they spent processing the transaction, even if it was partially completed. Miners must also add the transaction to the blockchain, even if it wasn’t fully executed. If the sender specified a higher gas limit than was necessary, the miner would refund the difference to the sender.
This mechanism has its flaws, especially when it comes to transactions with high gas limits. For Bitcoin, paying more usually means a faster transaction time. But in Ethereum’s case, for each block on the Ethereum network, miners are bound by the maximum “block gas limit” which determines the maximum amount of gas that can be spent per block. With the current gas limit set at roughly 10,000,000 gas, miners are less inclined to include transactions with high gas limits as it would waste part of the block gas limit. Generally, such high gas transactions are likely to be refunded by the miner, resulting in miners being more interested in taking on smaller transactions.
For Ethereum to truly work as a world computer, fees on the network need to be tiny. Therefore, in order to pay these fees, Ether would need to be denominated in much smaller amounts. The most widely used denomination of Ether is “gwei”, also known as nanoether. 1 gwei = 0.000000001 ether (10^-9).
How to calculate Ethereum transaction fees
There are a number of ways to calculate the fees necessary to execute a transaction. Theoretically, due to the way the network is set up, a sender could select an arbitrary fee, but that wouldn’t really work since miners are incentivised by fees.
There are a variety of gas calculators available online, offering users a general idea of how much gas their transaction requires. Ethereum Gas Station, for example, is heralded for its accuracy and user-friendly interface. It’s important to remember that recommended prices are only estimated amounts that are subject to change.
It is also possible to determine transaction fees without an online calculator. A sender would need to know how much gas each operation on Ethereum requires, along with a basic understanding of the average market rate for gas prices.
Ethereum’s auction mechanism
Ethereum uses a “first price auction” system to price gas. For this to work, every sender submits a bid (or a gas limit) for how much they’re willing to pay. Miners then pick up desirable transactions and include them in the next block. Theoretically, this allows senders to prioritise their transactions by paying a higher fee, while also saving ETH through refunds. However, in reality, there are more significant flaws.
Usually, if a miner selects transactions with the highest bids, this causes senders to set even higher bids on other transactions they make. Due to a lack of transparency, there’s no way for someone to know what bids came with other pending transactions, which can result in overpaying. According to Eric Conner, founder of Ethhub, many users overpay by more than five times what was necessary. Luckily, there are improvements in the works with Ethereum 2.0, as users can expect to see major changes to the network sometime later this year. Arguably, one of the most notable changes will see Ethereum’s consensus mechanism shift from proof-of-work (PoW) to proof-of-stake (PoS).
So how does someone pay $2.6 million for a $133 transaction?
There are a number of theories. Ethereum co-founder, Vitalik Buterin tweeted a possible explanation.
So the million-dollar txfees *may* actually be blackmail.
The theory: hackers captured partial access to exchange key; they can't withdraw but can send no-effect txs with any gasprice. So they threaten to "burn" all funds via txfees unless compensated.https://t.co/kEDFGp4gsQ
— vitalik.eth (@VitalikButerin) June 12, 2020
Although many were quick to point out Buterin’s theory lacked substance, a new report from Chinese crypto analytics firm Peckshield also concluded the two transfer blunders are as a result of “gas price ransomware attacks.” This would imply the transactions were performed by an exchange, and not an individual user.
Researchers explained hackers gained access to the exchange’s funds and servers via phishing, granting them permission to send money to trusted wallet addresses under the platform’s database, but not their own.
The multi-signature setting on the platform would have prevented the thieves from making transfers to their own accounts, but they discovered a loophole which allowed them to transact to addresses that require single authorisation. By sending small amounts of Ethereum with enormous transaction fees, it’s assumed the hackers are forcing payment.
According to the report, the hackers still have access to 21,000 ETH (~ $5 million), meaning “if the exchange does not give a certain ransom through other means, the hackers will further spend the money”.
Another popular explanation is that it could have been a bot code error. Alex Manuskin, a blockchain researcher at crypto wallet ZenGo told The Block that “A possible explanation could be a mix in the bot code between the sent value and the gas price. This sender used to send a transaction every 1 minute or so, so this did not look like a human operator. Might be some sort of a trading bot, for some exchange, repeating the same operation.”
We may never know exactly what happened, but the important thing to remember is that if you’re worried you’re accidentally going to send someone $2.6 million, don’t be. This was more than likely deliberate and the chances of it happening by accident are so minuscule as to be non-existent.